Re: USB drive auditing

Hello John,

If you have at least one vista/server2008 machine and your clients are XP
or higher, i suggest to use Group policy preferences where you can define
hardware access for all different kind of devices. Administrationis done
with RSAT. The clients must have installed the Client side extensions.

Download and install RSAT on Vista/2008:

RSAT 32bit:
http://www.microsoft.com/downloads/d...displaylang=en

RSAT 64bit:
http://www.microsoft.com/downloads/d...displaylang=en

Then open Control Panele, Programs and features, Turn windows features on
or off, check the tools you like under "Remote Server Administration Tools"

CSE XP 32bit:
http://www.microsoft.com/downloads/d...displaylang=en

CSE XP 64bit:
http://www.microsoft.com/downloads/d...displaylang=en

CSE 2003 32 bit:
http://www.microsoft.com/downloads/d...displaylang=en

CSE 2003 64bit:
http://www.microsoft.com/downloads/d...displaylang=en

CSE Vista 32bit:
http://www.microsoft.com/downloads/d...displaylang=en

CSE Vista 64bit:
http://www.microsoft.com/downloads/d...displaylang=en


Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> "Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in message
> news: .com...
>
>> Hello John,
>>
>> Never heard about. But why not disabling USB ports with GPO and only
>> open it according your policies?
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> Unfortunately it is necessary to have some devices - printers and
> scanners - which are connected via USB. However I want to ensure USB
> usage is according to policy by preventing users' personal drives and
> dongles being inserted into the systems. Users are already aware of
> this policy, but have been taking advantage of the USB access to bring
> games, emulators (and viruses) onto the systems, and circumvent the
> www whitelist on the server by using their own USB modems. I have been
> asked to devise a solution that will record accesses of this type.
>
> Thanks for the reply.
>

Also, although I do not have the details handy, there is a registry setting
that will prevent the connection of USB-based storage devices, but allow
printers, keyboards, mice, and etc to work. And I think this too can be set
by group policy.

/Al

"Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in message
news: .com...
> Hello John,
>
> If you have at least one vista/server2008 machine and your clients are XP
> or higher, i suggest to use Group policy preferences where you can define
> hardware access for all different kind of devices. Administrationis done
> with RSAT. The clients must have installed the Client side extensions.
>
> Download and install RSAT on Vista/2008:
>
> RSAT 32bit:
> http://www.microsoft.com/downloads/d...displaylang=en
>
> RSAT 64bit:
> http://www.microsoft.com/downloads/d...displaylang=en
>
> Then open Control Panele, Programs and features, Turn windows features on
> or off, check the tools you like under "Remote Server Administration
> Tools"
>
> CSE XP 32bit:
> http://www.microsoft.com/downloads/d...displaylang=en
>
> CSE XP 64bit:
> http://www.microsoft.com/downloads/d...displaylang=en
>
> CSE 2003 32 bit:
> http://www.microsoft.com/downloads/d...displaylang=en
>
> CSE 2003 64bit:
> http://www.microsoft.com/downloads/d...displaylang=en
>
> CSE Vista 32bit:
> http://www.microsoft.com/downloads/d...displaylang=en
>
> CSE Vista 64bit:
> http://www.microsoft.com/downloads/d...displaylang=en
>
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> "Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in message
>> news: .com...
>>
>>> Hello John,
>>>
>>> Never heard about. But why not disabling USB ports with GPO and only
>>> open it according your policies?
>>>
>>> Best regards
>>>
>>> Meinolf Weber
>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>> confers no rights.
>>> ** Please do NOT email, only reply to Newsgroups
>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>> Unfortunately it is necessary to have some devices - printers and
>> scanners - which are connected via USB. However I want to ensure USB
>> usage is according to policy by preventing users' personal drives and
>> dongles being inserted into the systems. Users are already aware of
>> this policy, but have been taking advantage of the USB access to bring
>> games, emulators (and viruses) onto the systems, and circumvent the
>> www whitelist on the server by using their own USB modems. I have been
>> asked to devise a solution that will record accesses of this type.
>>
>> Thanks for the reply.
>>
>
>